How to setup flow based mirroring on a Dell PowerConnect 62xx switch

Introduction

On Dell PowerConnect switches, Flow-Based Mirroring is a mirroring session in which traffic matches specified policy and member class, then mirrored to a destination port. This can also be referred to as policy based mirroring. We can use Flow-Based Mirroring to mirror traffic from a specific MAC address, IP address, VLAN and many other specific match criteria. In this example, we are using a specific VLAN.

Steps
(6 total)

1

Create a new class-map which is used to define a new DiffServ.

#class-map match-all test1 ipv4

2

Use the #match vlan command in Class-Map Configuration mode to add specific class definitions. This match condition is based on the value of the layer 2 VLAN Identifier field. This field is the only tag in a single tagged packet, or the first or outer tag of a double VLAN packet. There are several match conditions available, but for this example we are using a match based on a specific VLAN.

#match vlan 22
#exit

3

The next step is to create our policy-map.

#policy-map test2 in

4

Add the class-map we previously created to the policy-map.

#class test1

5

Now select a port we are going to mirror the traffic to.

#mirror 1/g3
#exit

6

Final step is to use the service-policy command in either Global Configuration mode (for all system interfaces) or Interface Configuration mode (for a specific interface) to attach a policy to an interface. In this example, we are placing the policy on port 1/g1.

Conclusion

Once this is done, we can use a packet analyzer such as wireshark on port 1/g3 to view the traffic being mirrored from any interface we have the specific service policy attached to. There are some limitations to flow based mirroring, as it’s restricted to specific interfaces and will not work on the switch virtual interface.